package cn.swust.score.configer;
 
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService; 
import cn.swust.score.service.CustomUserService;

@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Bean
	UserDetailsService customUserService() {
		return new CustomUserService();
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(customUserService());
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable(); 
		http.authorizeRequests()
		  		//.antMatchers("/login", "/candidate","/rater","/admin","scoreInfo", "stage").access("hasRole('ADMIN')")  
		  		//.antMatchers("/login", "/grade").access("hasRole('RATER')") 
		  		.antMatchers("/").permitAll()
				.anyRequest().authenticated().and().formLogin()
				.loginPage("/component/Login.html").permitAll() 
				.and().logout().permitAll();  
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		// 解决静态资源被拦截的问题
//		web.ignoring().antMatchers("/", "/css/**",
//				"/v2/api-docs/**",
//				"/swagger-resources/**", 
//				"/webjars/**", "/js/**",
//				"/img/**", "/bootstrap-3.3.7-dist/**",
//				"/component/Login.html", 
//				"/login");
		// 解决静态资源被拦截的问题
		web.ignoring().antMatchers("/", 
				"/css/**",
				"/v2/api-docs/**",
				"/swagger-resources/**", 
				"/webjars/**", 
				"/js/**",
				"/img/**", 
				"/layui/**", 
				"/component/*.html", 
				"/bootstrap-3.3.7-dist/**",
				"/login");
	}
	
	 
 
}